A method and a system for controlling a wireless sensor network from a user interface coupled to the internet are provided. A user accesses an internet-based portal from the user interface and establishes a secure broadband internet connection between a remote control module coupled to the wireless sensor network and the portal. The connection is established by manually triggering a connection between the remote control module and the portal from the remote control module.
1. A method for controlling a wireless sensor network coupled to a local remote control module from an internet-based user interface, the method comprising:
accessing an internet-based portal from the user interface via the internet; and
establishing a secure connection between the remote control module and the portal via the internet;
wherein:
communication between the remote control module and the portal is encrypted; and
the user interface and the portal are remotely located from the remote control module, from the wireless sensor network, and from each other.
28. A method for controlling a wireless sensor network coupled to a local remote control module from an internet-based user interface, the method comprising:
accessing an internet-based portal from the user interface;
establishing a secure internet connection between the remote control module and the portal, the establishment of the secure connection being initiated via the internet by the remote control module; and
denying, by the remote control module, any attempted connection via the internet to the remote control module not initiated by the remote control module;
wherein the user interface and the portal are remotely located from the remote control module, from the wireless sensor network, and from each other.
9. A system comprising:
a wireless sensor network;
a remote control module directly connected to the wireless sensor network and adapted to exchange signals with the wireless sensor network via a base station, the remote control module including a broadband interface to the internet;
a portal coupled to the internet, the portal including an application for configuring and initializing the wireless sensor network; and
a user interface coupled to the internet and adapted to communicate with the portal via the internet;
wherein the user interface and the portal are remotely located from the remote control module, from the wireless sensor network, and from each other;
wherein a secure connection between the remote control module and the portal via the internet is initiated from the remote control module, thereby enabling control of the wireless sensor network from the user interface via the portal; and
wherein communication between the remote control network and the portal is encrypted.
2. The method of
3. The method of
4. The method of
5. The method of
placing a telephone call to the remote control module; and
recording a caller identification (ID) from the call at the remote control module.
6. The method of
guiding set up of the wireless sensor network from the portal; and
transmitting configuration data from the portal to the remote control module.
7. The method of
8. The method of
10. The system of
11. The system of
12. The system of
13. The system of
14. The system of
15. The method of
16. The method of
17. The system of
18. The system of
19. The method of
20. The method of
a) by manually pressing a button at the remote control module;
b) during scheduled status reports initiated by the remote control module;
c) when an alert or alarm is reported by the remote control module to the portal.
21. The method of
22. The method of
transmitting, via the internet, configuration data, input via the user interface, to the portal;
transmitting, from the portal to the remote control module and via the internet, the configuration data received by the portal; and
configuring the wireless sensor network, by the remote control module and in accordance with the configuration data received by the remote control module.
23. The method of
setting the remote control module such that configuration data is transmissible from the portal to the remote control module only in a connection between the remote control module and the portal that is initiated by the remote control module.
24. The method of
storing the user-input configuration data at the portal at least until a connection initiated by the remote control module is established during which connection the user-input configuration data is transmitted by the portal to the remote control module.
25. The method of
responsive to receipt of the user-input configuration information, the portal initiating a first connection with the remote control module, in which the portal requests a second connection in which to transmit the user-input configuration data;
responsive to receipt of the request in the first connection, the remote control unit initiating the second connection with the portal; and
in the second connection, the portal transmitting the user-input configuration data to the remote control unit.
26. The method of
27. The method of
29. The method of
sending a notification from the portal to the remote control module indicating a request to establish the secure connection, the establishment of the secure connection being performed responsive to the request.
30. The method of
31. The method of
the remote control module is adapted to:
exchange signals with the wireless sensor network via a base station;
identify at least one sensor node of the wireless sensor network that is in communication with the base station; and
store the identified at least one sensor node in a table; and
a network topology is stored in the base station and within at least one of the sensor nodes.
32. The method of
receiving user input control instructions via the user interface;
transmitting the instructions from the user interface to the accessed portal, and from the portal to the remote control module via the secure internet connection; and
controlling, by the remote control module, the wireless sensor network using the instructions.
33. The method of
the accessing the internet-based portal from the user interface is via the internet; and
the communication between the remote control module and the portal is encrypted.
This application is a continuation of, and claims priority under 35 U.S.C. §120 to, U.S. patent application Ser. No. 10/946,405, filed on Sep. 20, 2004, now U.S. Pat. No. 7,817,994 which is expressly incorporated by reference herein in its entirety.
The present application relates generally to remote control of wireless networks, and in particular relates to a system and method for providing a secure link between a portal and a wireless sensor network that enables a user to configure the wireless sensor network from the portal in a secure manner.
Individual sensors and sensor networks are being used to an ever greater extent in a wide variety of applications to monitor ambient and operating conditions of systems. Such applications include, for example, building control systems for lighting, access control, climate control, and temperature regulation; industrial applications, such as monitoring power usage and distribution, environmental monitoring of air and water quality, chemical concentration, etc. Sensors are also being used in health care applications to monitor heart rate, blood pressure and other health status data.
There are several technical challenges associated with the use of sensors in this context. Generally, measurement data must be collected, processed and aggregated in a form adapted for transmission, and then transmitted to a controller and/or processing center either over a wireline or a wireless connection. Wired systems suffer the disadvantages that they are expensive to install, difficult to modify, limited in functionality once installed, and obtrusive with respect to preexisting infrastructure. Wireless systems overcome these difficulties since they are easy to install and modify, and do not necessarily interfere with any preexisting infrastructure. However, whereas a wired system has a well-defined connection between the sensor(s) and the base station, in wireless systems the connection between the sensor modules and the base station needs to be initialized, continually controlled and secured against breach, interception and hacking. In particular, during the initialization of the network, sensor network nodes, which receive signals directly from the sensors, must be validated before being admitted to the network.
Currently, there are two main techniques for controlling a wireless sensor network: i) providing an extensive user interface at the base station; and ii) using open networks to remotely control the wireless system. The former technique suffers from the fact that providing an extensive interface at the base station increases the complexity of the base station, requiring user interface controls and additional computing power. The latter “remote control” approach, which may be implemented using either PSTN (Public Service Telephone Network) or Internet-based connection in conjunction with a communications device at the wireless network base station, provides the advantage of worldwide remote access. As an example, U.S. Pat. No. 6,643,779 to Leung et al. describes a system in which the base station includes a web server functionality, thereby enabling communication between a local security network and the Internet. However, this technique suffers from the disadvantages that additional computational resources are required at the base station to implement the web server, Internet access must be static, and that the system remains exposed to hacking threats.
The present invention provides a method for controlling a wireless sensor network coupled to a local remote control module from an Internet-based user interface in which an Internet-based portal is accessed from the user interface and a secure connection is established between the remote control module and the portal. According to one embodiment, the connection is established by manually triggering a connection between the remote control module and the portal from the remote control module.
The present invention also provides a system including a wireless sensor network, a remote control module adapted to exchange signals with the wireless sensor network via a base station (which may have a broadband interface to the Internet), and a portal coupled to the Internet that includes an application for configuring and initializing the wireless sensor network; a user interface is coupled to the Internet and adapted to communicate with the portal. A secure connection between the remote control module and the portal is initiated from the remote control module, enabling control of the wireless sensor network from the user interface via the portal. According to one embodiment, the remote control module includes a user interface for manually triggering the secure connection to the portal.
The present invention provides a system and method for secure interaction between a wireless sensor network and a remote user interface coupled to the Internet or the PSTN. The remote user interface connects to a portal which acts as a secure interface between the wireless network and the Internet, and which portal assists in installation, initialization and/or use of the network. Significantly, the portal also acts as an Internet proxy and therefore as a shield against tampering.
The RCM 20 is coupled to the Internet such as via a continual (always on) broadband connection using proprietary Internet security and authentication mechanisms. The connection may be direct or through a firewall or router using known standards. Alternatively, the RCM 20 may include a modem connection to the Public Service Telephone Network (PSTN). The RCM 20 is able to establish secure, encrypted communication with a web-server portal 40, which is also coupled to the Internet. The RCM 20 can be configured so that it reports any activity regarding the wireless sensor network 10 and sensor nodes 25, 26, 27 to the portal 40, so that the portal obtains updated information. Furthermore, since the portal 40 typically has larger computational resources than the RCM 20, the portal can process the information received from the RCM and can provide substantial media interaction to aid the user in initializing, maintaining or configuring the wireless sensor network 10 and sensor nodes 25, 26, 27 via the RCM. For example, the portal 40 may play an animated movie on how to find a system serial number, which button(s) to press on the user interface of the RCM or how to replace a sensor node battery. The portal 40 can also automatically guide the user step by step through the initialization process.
A user or administrator can obtain access to the latest status information by securely logging into the portal 40 via the Internet from a remote user interface on a PC-browser 50. While logged in to the portal 40, the user can send configuration instructions to RCM 20, once a secure connection has already been established between them. To communicate with the correct wireless sensor network, the portal links the RCM 20 Internet connection to the PC-browser 50 Internet connection. The portal 40 can allow changes to be transmitted to the RCM 20 via a secure and encrypted Internet connection between the PC-browser 50 and the portal, as well as between the portal and the RCM (end-to-end-security), subject to an authentication process.
In step 120, an initial connection is made between the RCM and the portal. According to a first technique, the user activates a connection at the base station by pressing an initialization button on the RCM. The RCM then transmits information including the network node table to the IP address of the portal (which is programmed into the RCM) over a secure encrypted communication link, which may be a broadband connection. The user may log in to the portal simultaneously so that information sent from the RCM can be viewed at the portal. Since this technique involves initiation from the base station, which is typically located at the user's residence, it is automatically secure because it is almost impossible to access the RCM from the Internet, hence completely preventing any attempt by hackers to disable functions of the RCM remotely. In particular, the RCM denies its existence toward any attempt to connect to it from the Internet. The only way a connection to the portal can be established is through one of the following cases, each of which is initiated through the RCM: a) when the connection is manually initiated by pressing a button at the RCM; b) during scheduled status reports initiated by the RCM; and c) in the case of an alert or alarm reported by the RCM to the portal. Using this technique, a possible hacker cannot connect to the RCM starting from the portal as a connection can only be initiated from the RCM. Any attempt to connect to the RCM from the outside is rejected. This makes the connection safe by default, since the RCM can only connect to the preset IP address of the portal.
Alternatively, the user may initiate the connection externally by prompting for a connection with the RCM. In this case, the portal may be used to notify the RCM to connect to the Internet. The notification may be a verified method such as a call to the RCM over a phone line, in which case the caller ID could be used to identify the portal; this may be compared to a pre-programmed number at the RCM, which identifies the portal; a session ID can also be used as an additional security mechanism. Similarly, if the RCM includes a modem, the portal can call the modem directly; the notification can also consist of an instant message, a wireless call, or any other means that allows the RCM to identify a request for contact from the portal. Upon notification, the RCM can connect to the portal over a broadband connection to the Internet, or if it includes a modem, the RCM can establish a direct modem-to-modem connection with the portal over the PSTN. When the RCM calls the portal upon notification, a security handshake process between the RCM and the portal takes place. The security mechanisms may include one or more of an SSL connection, public/private key authentication/encryption, a network layer security system such as IPSec or Kerberos, an application layer security mechanism or any other encryption techniques as known in the art.
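The connection policy of the two preceding paragraphs (inbound attempts refused, outbound sessions only to the preset portal address, and a phone notification honored only when caller ID and session ID both match) can be modeled as follows. This is an added example, not code from the patent; the class and method names, the sample addresses and numbers, and the single-use handling of the session ID are assumptions.

```python
import hmac
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class Trigger(Enum):
    BUTTON = "button pressed at the RCM"              # case a)
    SCHEDULED = "scheduled status report"             # case b)
    ALARM = "alert or alarm"                          # case c)
    NOTIFIED = "verified notification from portal"    # externally prompted case


def _same(a: str, b: str) -> bool:
    """Constant-time string comparison."""
    return hmac.compare_digest(a.encode(), b.encode())


@dataclass
class RCM:
    portal_addr: str         # preset portal address (constructed value)
    portal_caller_id: str    # pre-programmed number that identifies the portal
    # Assumption: the session ID was agreed in an earlier RCM-initiated
    # session and is valid for one notification only.
    pending_session_id: Optional[str] = None
    events: list = field(default_factory=list)

    def on_inbound(self, peer: str) -> bool:
        """A connection attempt arriving from the internet is always refused."""
        self.events.append(("inbound-denied", peer))
        return False

    def dial_out(self, trigger: Trigger) -> tuple:
        """Open the outbound session; the destination is never caller-supplied."""
        self.events.append(("dial-out", self.portal_addr, trigger.name))
        return (self.portal_addr, trigger)

    def on_notification(self, caller_id: str, session_id: str) -> Optional[tuple]:
        """Phone-line notification: both checks must pass before dialing out."""
        expected = self.pending_session_id
        ok = (expected is not None
              and _same(caller_id, self.portal_caller_id)
              and _same(session_id, expected))
        if not ok:
            self.events.append(("notification-ignored", caller_id))
            return None
        self.pending_session_id = None   # a replayed notification is ignored
        return self.dial_out(Trigger.NOTIFIED)


def demo() -> list:
    # All values below are constructed sample data.
    rcm = RCM(portal_addr="portal.example:443",
              portal_caller_id="+15550100",
              pending_session_id="s-7f3a")
    rcm.on_inbound("203.0.113.9:51000")           # refused
    rcm.dial_out(Trigger.BUTTON)                  # user presses the button
    rcm.on_notification("+15550199", "s-7f3a")    # wrong caller ID: ignored
    rcm.on_notification("+15550100", "s-7f3a")    # both match: RCM dials out
    rcm.on_notification("+15550100", "s-7f3a")    # replay: ignored
    return rcm.events


if __name__ == "__main__":
    for event in demo():
        print(event)
```

Because a notification carries no address and only ever causes a call to the preset portal, a forged caller ID can at most prompt the RCM to contact the genuine portal, where the security handshake still applies.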
Once the initial connection between the RCM and the portal is made, in step 130, information is delivered to the portal. This information may include the status of the wireless sensor network and sensor nodes, and data measured by the sensors over a certain period of time. In addition, the RCM can query, or send a function call to, the portal requesting specific data. The portal can provide information in response to such queries in the return value of the function call in accordance with its own, programmed configuration.
In this regard, the user is able to program or provide configuration data used for modifying or setting the wireless sensor system through the portal web site when the RCM is offline. This configuration data may be stored in a database at the portal. In step 140, when the RCM connects to the portal, the RCM automatically determines whether new configuration data is available. If so, this data is transmitted from the portal to the RCM, so that the RCM becomes configured in accordance with the data entered by the user through the portal site. In step 150, after the configuration process is complete, the RCM sends back information related to the “result” of the configuration process. For example, if a node is not detected upon configuration, the RCM may send back a request for the user to move the undetected node to another location to ensure that it is within communication range.
After it is determined that a configuration was performed properly and that no further configuration data needs to be updated, and the RCM has sent a status report to the portal, the RCM disconnects from the portal in step 160. The RCM also disconnects from the portal if a failure in the security protocol is detected. At lower protocol levels, the security mechanism itself detects a security failure, and at the application layer, the application itself performs the validation check.
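Steps 120 through 160 can be traced end to end with both sides' messages, as in the added example below (not code from the patent). The message types, JSON framing and function names are assumptions, and HMAC-SHA256 over a shared key stands in for the SSL or public/private key mechanisms the text lists; it authenticates frames but does not encrypt them.

```python
import hashlib
import hmac
import json


class SecurityFailure(Exception):
    """Raised when a received frame fails authentication."""


def seal(key: bytes, msg: dict) -> bytes:
    """Frame = hex HMAC-SHA256 tag + '.' + JSON body."""
    body = json.dumps(msg, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode() + b"." + body


def unseal(key: bytes, frame: bytes) -> dict:
    tag, _, body = frame.partition(b".")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        raise SecurityFailure("frame failed authentication")
    return json.loads(body)


class Portal:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}   # rcm id -> configuration entered while the RCM was offline
        self.reports = []   # status and result messages received from RCMs

    def store_config(self, rcm_id: str, config: dict) -> None:
        """User input from the web page, held until the RCM next connects."""
        self.pending[rcm_id] = config

    def handle(self, frame: bytes) -> bytes:
        """Answer one request inside a session that the RCM opened."""
        msg = unseal(self.key, frame)
        kind = msg.get("type")
        if kind == "config?":
            reply = {"type": "config", "data": self.pending.get(msg["rcm"])}
        elif kind in ("status", "result"):
            self.reports.append(msg)
            if kind == "result" and msg["ok"]:
                # Assumption: a failed configuration stays queued for correction.
                self.pending.pop(msg["rcm"], None)
            reply = {"type": "ack"}
        else:
            reply = {"type": "error"}
        return seal(self.key, reply)


def rcm_session(rcm_id, key, portal, reachable, corrupt_replies=False) -> list:
    """Run one RCM-initiated session and return the trace of what the RCM did."""
    trace = []

    def call(msg: dict) -> dict:
        reply = portal.handle(seal(key, msg))
        if corrupt_replies:                      # constructed in-transit corruption
            reply = reply[:-2] + b"X}"
        return unseal(key, reply)

    try:
        call({"type": "status", "rcm": rcm_id, "nodes": sorted(reachable)})  # 120/130
        trace.append("status-sent")
        cfg = call({"type": "config?", "rcm": rcm_id})["data"]               # 140
        if cfg is None:
            trace.append("no-new-config")
        else:
            missing = [n for n in cfg["nodes"] if n not in reachable]
            call({"type": "result", "rcm": rcm_id,
                  "ok": not missing, "missing": missing})                    # 150
            trace.append("config-failed" if missing else "configured")
    except SecurityFailure:
        trace.append("security-failure")
    trace.append("disconnected")                                             # 160
    return trace


def demo() -> dict:
    key, reachable = b"constructed-shared-secret", {"door", "smoke"}
    portal, out = Portal(key), {}
    portal.store_config("rcm-1", {"nodes": ["door", "smoke"]})   # RCM offline
    out["first"] = rcm_session("rcm-1", key, portal, reachable)
    out["second"] = rcm_session("rcm-1", key, portal, reachable)
    portal.store_config("rcm-1", {"nodes": ["door", "garage"]})  # node out of range
    out["unreachable"] = rcm_session("rcm-1", key, portal, reachable)
    out["still_pending"] = "rcm-1" in portal.pending
    out["missing"] = portal.reports[-1]["missing"]
    out["corrupted"] = rcm_session("rcm-1", key, portal, reachable, True)
    return out
```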
Once the wireless sensor system has been installed and an initial configuration has taken place (indicated by step 104), the set up stage (step 110) is no longer necessary. The user can obtain access, in step 115, to the portal user interface after proper authentication each time he or she logs on to the portal web page from any PC-browser. Through the user interface, the user can make use of a variety of modification and reconfiguration options such as, for example, reconfiguring the interval for automatic, periodic connection, reconfiguration of the method employed for status notifications, and setting up or modifying selected events. As an example, the user may configure the RCM so that a notification is sent if a sensor measures a particular value of a parameter. In addition to reconfiguration options, the user may access the portal to obtain current information sent to the portal from the RCM, including, but not limited to, failures, alarms, measured values, and the status of each sensor including whether it is open or closed, whether it is operating or stopped, and whether it is armed or disarmed. After the access step 115, the other steps of the interactive process (steps 120, 130, 140, 150 and 160) may follow. As noted above, the user can configure the RCM to connect to the Internet periodically (indicated by step 108). In this case, the RCM is not triggered, and the connection is performed automatically; the remaining steps in the interactive process, including the downloading of system updates, configuration, and the transmission of sensor data and status, may follow.
If, in step 270, it is determined that a node identification has already been performed, or after node identification is performed in step 285, it is then determined in step 290 whether new configuration information is available. If no new configuration information is available, the user may optionally disconnect the RCM from the portal (step 300), or the user may enter or correct further information on the portal web page (step 310) and then download the updated information to the RCM from the portal (step 320) by cycling back to step 230. If, in step 290, it is determined that new configuration data is available, then, in step 330, the portal transmits the configuration data to the RCM, and then the RCM attempts to perform the configuration of the sensor system in accordance with the data supplied by the portal in step 340. The RCM then sends a notification to the portal indicating whether or not the configuration was successfully performed (step 350). At the portal, it is determined whether the configuration is correct (step 360). If it is correct, the RCM may be disconnected from the portal in step 370. If it is not correct, the process cycles back to step 300, which gives opportunity for correction through step 310.
In the foregoing description, the systems and methods of the present invention have been described with reference to a number of examples that are not to be considered limiting. Rather, it is to be understood and expected that variations in the principles of the systems and methods herein disclosed may be made by one skilled in the art, and it is intended that such modifications, changes, and/or substitutions are to be included within the scope of the present invention as set forth in the appended claims.
Funk, Karsten, Schaefer, Jochen, Ravula, Sharmila
Patent | Priority | Assignee | Title |
5388211, | Apr 18 1989 | SofTel, Inc. | Method and apparatus for remotely controlling and monitoring the use of computer software |
5790043, | Jun 30 1994 | DaimlerChrysler AG | Procedure for operating a locking system for lockable objects |
5987135, | Jul 25 1997 | Northrop Grumman Systems Corporation | System and method for controlling and monitoring remote distributed processing system |
6023223, | Mar 18 1999 | RUSSELL, JOHN W ; BAXTER, SALOMA | Early warning detection and notification network for environmental conditions |
6359270, | Sep 04 1998 | SAROS LICENSING LLC | Communications module mounting for domestic appliance |
6374079, | Jan 04 2000 | PNI Corporation | Modular RF communication module for automated home and vehicle systems |
6643779, | Apr 15 1999 | Security system with embedded HTTP server | |
6646564, | Mar 07 2001 | L AIR LIQUIDE, SOCIETE ANONYME POUR L ETUDE ET L EXPLOITATION DES PROCEDES GEORGES CLAUDE; L AIR LIQUIDE SOCIETE ANONYME A DIRECTOIRE ET CONSEIL DE SURVEILLANCE POUR L ETUDE ET L EXPLOITATION DES PROCEDES GEORGES CLAUDE | System and method for remote management of equipment operating parameters |
6700220, | May 30 2002 | VIPER BORROWER CORPORATION, INC ; VIPER HOLDINGS CORPORATION; VIPER ACQUISITION CORPORATION; DEI SALES, INC ; DEI HOLDINGS, INC ; DEI INTERNATIONAL, INC ; DEI HEADQUARTERS, INC ; POLK HOLDING CORP ; Polk Audio, Inc; BOOM MOVEMENT, LLC; Definitive Technology, LLC; DIRECTED, LLC | Remote control pass-key module for anti-theft system equipped vehicles and installation method |
6766165, | Dec 05 2000 | RPX CLEARINGHOUSE LLC | Method and system for remote and local mobile network management |
6856820, | Apr 24 2000 | USA TECHNOLOGIES, INC | In-vehicle device for wirelessly connecting a vehicle to the internet and for transacting e-commerce and e-business |
6938076, | Mar 30 2001 | 01 Communique Laboratory Inc. | System, computer product and method for interfacing with a private communication portal from a wireless device |
6995667, | Dec 23 2002 | INSTROTEK, INC | Systems, methods, and computer program products for automatic tracking and/or remote monitoring of nuclear gauges and/or data communication therewith |
7023357, | Aug 23 2002 | International Business Machines Corporation | Pluggable mechanism for wireless remote control |
7209946, | Oct 27 2000 | RPX Corporation | Negotiated wireless peripheral security systems |
7210625, | May 20 2004 | Watlow Electric Manufacturing Company | System and method for managing asset information |
7266344, | Jun 02 2004 | THE WATT STOPPER, INC | Remotely activated bridge device for use with a home network and methods for programming and using the same |
7283816, | Apr 14 2005 | Qualcomm Incorporated; QUALCOMM INCORPORATED, A CORP OF DELAWARE | Apparatus and process for a universal diagnostic monitor module on a wireless device |
7307521, | Mar 10 2005 | Robert Bosch GmbH | Secure method and apparatus for retrieving network node identifier in wireless networks |
7324815, | Jul 01 2002 | Qualcomm Incorporated | Remote interaction with a wireless device resident diagnostic interface across a wireless network |
7363031, | Oct 13 1999 | WHIRLPOOL EMEA SPA; WHIRLPOOL EMEA S P A | System for monitoring and controlling a set of household appliances |
7389341, | Jan 31 2001 | Accenture Global Services Limited | Remotely monitoring a data processing system via a communications network |
7423529, | Jan 16 2003 | OBS, INC | Systems and methods for mobile security and monitoring |
7433740, | Mar 05 2003 | GOOGLE LLC | CAN communication for building automation systems |
7443964, | Apr 18 2003 | AT&T Intellectual Property, I,L.P. | Caller ID messaging |
7507946, | Aug 24 2005 | Avaak, Inc. | Network sensor system and protocol |
7509116, | Mar 30 2005 | GenX Mobile Incorporated; GENX MOBILE INCORPORATED, A DELAWARE CORPORATION | Selective data exchange with a remotely configurable mobile unit |
7526539, | Jan 04 2000 | PNI Corporation | Method and apparatus for a distributed home-automation-control (HAC) window |
7561019, | Mar 25 2003 | FUJINOMAKI, RYUJIN | Home security system |
7561877, | Mar 18 2005 | Qualcomm Incorporated | Apparatus and methods for managing malfunctions on a wireless device |
7630706, | Jan 09 2006 | Exphand Inc. | Dynamically distributed, portal-based application services network topology for cellular systems |
7653383, | Feb 28 2003 | Google Technology Holdings LLC | Method and apparatus for remote data access in a mobile communication device |
7697927, | Jan 25 2005 | CenturyLink Intellectual Property LLC | Multi-campus mobile management system for wirelessly controlling systems of a facility |
7817994, | Sep 20 2004 | Robert Bosch GmbH | Secure control of wireless sensor network via the internet |
20020004387, | |||
20020082002, | |||
20030023333, | |||
20030112772, | |||
20030151513, | |||
20040086093, | |||
20040102683, | |||
20040159700, | |||
20040171370, | |||
20040218602, | |||
20060293029, | |||
20080165789, | |||
20100001665, | |||
WO150289, | |||
WO2095506, |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
Oct 06 2010 | Robert Bosch GmbH | (assignment on the face of the patent) | / |
Date | Maintenance Fee Events |
Oct 06 2014 | M1551: Payment of Maintenance Fee, 4th Year, Large Entity. |
Oct 08 2018 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
Sep 30 2022 | M1553: Payment of Maintenance Fee, 12th Year, Large Entity. |
Date | Maintenance Schedule |
Apr 12 2014 | 4 years fee payment window open |
Oct 12 2014 | 6 months grace period start (w surcharge) |
Apr 12 2015 | patent expiry (for year 4) |
Apr 12 2017 | 2 years to revive unintentionally abandoned end. (for year 4) |
Apr 12 2018 | 8 years fee payment window open |
Oct 12 2018 | 6 months grace period start (w surcharge) |
Apr 12 2019 | patent expiry (for year 8) |
Apr 12 2021 | 2 years to revive unintentionally abandoned end. (for year 8) |
Apr 12 2022 | 12 years fee payment window open |
Oct 12 2022 | 6 months grace period start (w surcharge) |
Apr 12 2023 | patent expiry (for year 12) |
Apr 12 2025 | 2 years to revive unintentionally abandoned end. (for year 12) |